Principles and Characteristics of TCP Reflection Attacks
April 28, 2021
Produced by: Siqi GUO, Qiwen LUO Increasingly Serious Reflection Attacks Reflection attacks, as nothing new, have become one of the most troublesome and common DDoS attacks and are dominant in bandwidth consumption DDoS attacks. According to NSFOCUS’s latest 2020 DDoS Attack Landscape, reflection attacks made up 34% of all DDoS attacks in 2020. Compared with […]
Microsoft April Security Updates for Multiple High-Risk Product Vulnerabilities
April 25, 2021
Vulnerability Description On April 14, 2020, Microsoft released April 2020 Security Updates that fix 114 vulnerabilities, including high-risk remote code execution and privilege escalation, in various products like Microsoft Windows, Office, Edge (Chromium-based), Visual Studio Code, Microsoft Exchange Server, Visual Studio, and Azure. In these security updates, Microsoft fixes 19 critical vulnerabilities and 88 important […]
2020 DDoS Attack Landscape Report – 1
April 20, 2021
Executive Summary In 2020, the total number of distributed denial-of-service (DDoS) attacks declined a little compared with 2019, probably attributable to effective governance and enhanced protection capabilities of Anti-DDoS products. Despite this, DDoS attacks intensified during the COVID-19 pandemic, especially for healthcare, government, and education sectors. January to April 2020 was a period when China […]
OpenSSL Denial-of-Service and Certificate Bypass Check Vulnerabilities (CVE-2021-3449/CVE-2021-3450) Threat Alert
April 12, 2021
Vulnerability Description On March 26, 2021, NSFOCUS detected that OpenSSL issued a security advisory fixing a denial-of-service vulnerability and a certificate check bypass vulnerability (CVE-2021-3449/CVE-2021-3450) in OpenSSL products. Currently, the proof of concept (PoC) of this vulnerability has been made publicly available. Relevant users are advised to take protective measures as soon as possible. CVE-2021-3449: […]
Adobe ColdFusion Remote Code Execution Vulnerability (CVE-2021-21087) Threat Alert
April 8, 2021
Vulnerability Description On March 23, 2021, NSFOCUS detected that Adobe released a security bulletin fixing a code execution vulnerability (CVE-2021-21087). Due to improper sanitization of user inputs, unauthenticated attackers could execute arbitrary code on the target server by sending a crafted, malicious request to the ColdFusion server. Adobe ColdFusion is a rapid application development platform. […]
Apache Solr Arbitrary File Read and SSRF Vulnerability Threat Alert
March 29, 2021
Vulnerability Description Recently, NSFOCUS detected that an Apache Solr arbitrary file read and server-side request forgery (SSRF) vulnerability was disclosed on the Internet. Since authentication was disabled by default when Apache Solr was installed, unauthenticated attackers could turn on requestDis patcher.requestParsers.enableRemoteStreaming via the Config API, thereby exploiting the vulnerability to read files. Currently, the proof […]
XStream Multiple High-Risk Vulnerabilities Threat Alert
March 25, 2021
Vulnerability Description Recently, NSFOCUS detected that XStream released security advisories disclosing 11 security vulnerabilities in its products. An attacker could exploit these vulnerabilities to conduct DoS and SSRF attacks, delete arbitrary files, and lead to arbitrary RCE. XStream is a tool for converting between Java objects and XML. When serializing JavaBeans or deserializing XML files, […]
F5 BIG-IP/BIG-IQ High-Risk Vulnerabilities Threat Alert
March 24, 2021
Vulnerability Description On March 11, NSFOCUS observed that F5 released a security bulletin to announce the fix of multiple high-risk vulnerabilities, CVE-2021-22986, CVE-2021-22987, CVE-2021-22988, CVE-2021-22989, CVE-2021-22990, CVE-2021-22991, and CVE-2021-22992, which affect BIG-IP and BIG-IQ in F5. Users are advised to take preventive measures as soon as possible. BIG-IP is an F5 application delivery platform that […]
GitLab Remote Code Execution Vulnerability Threat Alert
March 22, 2021
Vulnerability Description On March 19, 2021, NSFOCUS detected that GitLab released patches for a code execution vulnerability in GitLab Community Edition (CE) and Enterprise Edition (EE), which was assigned a CVSS base score of 9.9. Unauthorized authenticated attackers could craft malicious requests via controllable markdown rendering options, thereby executing arbitrary code on the server. GitLab […]
NSFOCUS Web Application Firewall Attains ICSA Labs Certification
March 22, 2021
MILPITAS, Calif. – March 22, 2021 – We are pleased to announce that our web application firewall, NSFOCUS WAF, was awarded ICSA Labs Web Application Firewall Certification following rigorous and thorough testing. ICSA Labs, an independent division of Verizon, offers third-party testing and certification of security and health IT products, as well as connected devices, […]